# Accounts

An account on the Endless blockchain represents access control over a set of assets including on-chain currency and NFTs. In Endless, these assets are represented by a Move language primitive known as a **resource** that emphasizes both access control and scarcity.

Each account on the Endless blockchain is identified by a (base58 encoded) account address.

Different from other blockchains where accounts and addresses are implicit, accounts on Endless are explicit and need to be created before they can execute transactions. The account can be created explicitly or implicitly by transferring Endless tokens (EDS) there. See the Creating an account section for more details. In a way, this is similar to other chains where an address needs to be sent funds for gas before it can send transactions.

There are three types of accounts on Endless:

* *Standard account* - This is a typical account corresponding to an address with a corresponding pair of public/private keys.
* *Resource account* - An autonomous account without a corresponding private key used by developers to store resources or publish modules on-chain.
* *Object* - A complex set of resources stored within a single address representing a single entity.

Account address example

Account addresses are Base58-encoded strings derived from 32-byte values, typically have a length of approximately 43 characters. See the Your First Transaction for an example of how an address appears, reproduced below:

`Alice: BtXV19CoB1F3maLzzmmV8UaSZC4Jo3wHU9PDHeuwDo99`

### Creating an account <a href="#creating-an-account" id="creating-an-account"></a>

When a user requests to create an account, for example by using the Endless[SDK](https://www.npmjs.com/package/endless-sdk/classes/Account.html), the following steps are executed:

* Select the authentication scheme for managing the user's account, e.g., Ed25519.
* Generate a new private key, public key pair.
* Combine the public key with the public key's authentication scheme to generate a 32-byte authentication key and the account address.

The user should use the private key for signing the transactions associated with this account.

### Account sequence number <a href="#account-sequence-number" id="account-sequence-number"></a>

The sequence number for an account indicates the number of transactions that have been submitted and committed on-chain from that account. Committed transactions either execute with the resulting state changes committed to the blockchain or abort wherein state changes are discarded and only the transaction is stored.

Every transaction submitted must contain a unique sequence number for the given sender's account. When the Endless blockchain processes the transaction, it looks at the sequence number in the transaction and compares it with the sequence number in the on-chain account. The transaction is processed only if the sequence number is equal to or larger than the current sequence number. Transactions are only forwarded to other mempools or executed if there is a contiguous series of transactions from the current sequence number. Execution rejects out of order sequence numbers preventing replay attacks of older transactions and guarantees ordering of future transactions.

### Authentication key <a href="#authentication-key" id="authentication-key"></a>

The initial account address is set to the authentication key derived during account creation. However, the authentication key may subsequently change, for example when you generate a new public-private key pair, public keys to rotate the keys. An account address never changes.

The Endless blockchain supports [Ed25519](https://ed25519.cr.yp.to/) authentication schemes

#### Ed25519 authentication <a href="#ed25519-authentication" id="ed25519-authentication"></a>

To generate an authentication key and the account address for an Ed25519 signature:

1. **Generate a key-pair**: Generate a fresh key-pair (`privkey_A`, `pubkey_A`). The Endless blockchain uses the PureEdDSA scheme over the Ed25519 curve, as defined in RFC 8032.
2. **Derive a 32-byte authentication key**: Derive a 32-byte authentication key from the `pubkey_A`:
3. ```
   auth_key = sha3-256(pubkey_A | 0x00)
   ```

   where `|` denotes concatenation. The `0x00` is the 1-byte single-signature scheme identifier.
4. Use this initial authentication key as the permanent account address.

### State of an account <a href="#state-of-an-account" id="state-of-an-account"></a>

The state of each account comprises both the code (Move modules) and the data (Move resources). An account may contain an arbitrary number of Move modules and Move resources:

* **Move modules**: Move modules contain code, for example, type and procedure declarations; but they do not contain data. A Move module encodes the rules for updating the Endless blockchain's global state.
* **Move resources**: Move resources contain data but no code. Every resource value has a type that is declared in a module published on the Endless blockchain.

### Access control with signers <a href="#access-control-with-signers" id="access-control-with-signers"></a>

The sender of a transaction is represented by a signer. When a function in a Move module takes `signer` as an argument, the Endless Move VM translates the identity of the account that signed the transaction into a signer in a Move module entry point. See the below Move example code with `signer` in the `initialize` and `withdraw` functions. When a `signer` is not specified in a function, for example, the below `deposit` function, then no signer-based access controls will be provided for this function:

```rust
module Test::Coin {
  struct Coin has key { amount: u64 }

  public fun initialize(account: &signer) {
    move_to(account, Coin { amount: 1000 });
  }

  public fun withdraw(account: &signer, amount: u64): Coin acquires Coin {
    let balance = &mut borrow_global_mut<Coin>(Signer::address_of(account)).amount;
    *balance = *balance - amount;
    Coin { amount }
  }

  public fun deposit(account: address, coin: Coin) acquires Coin {
      let balance = &mut borrow_global_mut<Coin>(account).amount;
      *balance = *balance + coin.amount;
      Coin { amount: _ } = coin;
  }
}
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.endless.link/endless/devbuild/start/learn-about-endless/accounts.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.